Browsing Author: Ryan Naraine

Adobe PDF Reader Gets Another Security Makeover

Categories: Malware, Vulnerabilities

[img_assist|nid=2650|title=|desc=|link=none|align=left|width=100|height=100]Adobe has released a mega-update for its Reader and Acrobat software products to fix a total of eight documented security vulnerabilities. The update comes with significant security improvements, including the on-by-default addition “Enhanced Security,” a feature that provides a set of default restrictions and a method to define trusted locations that should not be subject to those restrictions.

Read more...

Adobe Confirms ‘Coordinated, Sophisticated’ Cyber Attack

[img_assist|nid=2640|title=|desc=|link=none|align=left|width=100|height=100]In an attack described as “sophisticated” and “coordinated,” Adobe said its corporate network systems were breached by hackers.
The company said the attack also affected other unnamed companies. 
Adobe did not provide any other details except to say it was aware of
the breach on January 2, 2010.

Read more...

Google Threatens China Pullout After Cyber Attack

[img_assist|nid=2639|title=|desc=|link=none|align=right|width=100|height=100]Google said in a blog post today
that it will consider shutting down its site in China and closing its
offices, following a large scale attack on its corporate infrastructure
originating from China that resulted in the theft of Google’s
intellectual property.  Read the full story [ZDNet]

Read more...

Microsoft warning to XP users: Update Flash Player Now

Categories: Malware, Vulnerabilities

[img_assist|nid=2632|title=|desc=|link=none|align=left|width=154|height=84]Microsoft has shipped a security advisory with an urgent message for Windows XP users:  Update your Flash Player immediately.The Adobe Flash Player 6 that ships by default in Windows XP is vulnerable to multiple code execution vulnerabilities that could lead to PC takeover attacks, according to the advisory.

Read more...

MS Patches Critical Flaw in EOT Font Engine

Categories: Malware, Vulnerabilities

[img_assist|nid=2550|title=|desc=|link=none|align=right|width=100|height=100]The first Microsoft patch for 2010 is out, providing cover for a solitary vulnerability in the way Windows handles EOT (Embedded OpenType) fonts.  The update is rated “critical” but Microsoft says there is a low likelihood of exploitation on its newer operating systems.

Read more...

Oracle to Patch 24 Security Flaws

[img_assist|nid=2582|title=|desc=|link=none|align=right|width=100|height=100]Database server giant Oracle is joining Microsoft and Adobe this Patch Tuesday.As part of its Critical Patch Update schedule, Oracle plans to ship 24 security patches on January 12 to cover a wide range of serious vulnerabilities in its database and application server products.

Read more...

Financial Industry Group Plans Cyber Attack Simulation

A financial services industry group is
planning to simulate a series of cyber attacks to test how well banks,
payment processors and retailers deal with online threats.  Participants will be expected to activate their incident response
procedures in accordance with the scenario presented and to complete an
anonymous survey to evaluate their organization’s response. Read the full story [Dark Reading]

Read more...

Microsoft Plans Quiet January Patch Tuesday

Categories: Vulnerabilities

[img_assist|nid=2550|title=|desc=|link=none|align=left|width=100|height=100]Microsoft’s first Patch Tuesday for 2010 will be very light: A solitary bulletin addressing a vulnerability that is rated critical only for Windows 2000 users.According to Redmond’s advance notice for the next batch of patches due on January 12, the bulletin is rated “low” for every other affected version of Windows, meaning it is “extremely difficult” to exploit or has minimal impact.

Read more...